Linux-Networking Digest #168, Volume #11 Sat, 15 May 99 20:14:34 EDT
Contents:
How to share a modem ? (benjamin)
Re: how to conect to comps with ethernet cards? (Javier Pérez Montes)
Re: diald (Frank Hahn)
Re: unknown data from my p-to-p address (Malware)
Re: Masquerading security (Malware)
Re: kernel 2.2.7 ipchains (Malware)
Re: Can't TELNET to Linux (Malware)
Re: IPX forwarding (Malware)
Re: Strange network packets (Malware)
Re: Diald dials but no PPP? (Frank Hahn)
Re: Can't TELNET to Linux ("David E. Smith")
printing problem (Edouard Oyer)
ppp linux 2.2 problem ([EMAIL PROTECTED])
SECURITY ISSUES: Single user restriction at lilo boot: ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: benjamin <[EMAIL PROTECTED]>
Subject: How to share a modem ?
Date: Sun, 16 May 1999 01:32:42 +0200
Hello ,
I am running Linux Kernel 2.2.4
I want to share a cable-modem between two computers (PC1 and PC2). I
have a HUB to do that.
I should, properly, keep the modem connected to PC1 via eth0, and link
PC1 to PC2 via eth1. But, I am looking for a possibility to connect PC1
and PC2 independently (so that PC2 doesn't need PC1 to be on 24 hours a
day).
Are there any solutions to this problem ? (Like connect PC1, PC2, and
modem to the HUB --> and if this is working, what happens with ip
forwarding ?)
Thank you for helping.
Benjamin.
running Linux Kernel 2.2.4
e-mail: [EMAIL PROTECTED]
------------------------------
From: Javier Pérez Montes <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,es.comp.os.linux
Subject: Re: how to conect to comps with ethernet cards?
Date: Sat, 15 May 1999 23:44:45 +0100
To connect to comp you need to use a TCP/IP protocol over the network
adapter, but this is only a primary step because you need to mount an NFS
server/client to export directories, rather than simply connecting via ftp.
Please, send me a detailed configuration of your comps and what exactly
you want to do with them?
Well, bye!
mary wrote:
>
> need to connect my notebook to other comp with ethernet cards, many people
> here have or do ethernet connections, how can I configure it?, can anybody
> send me an example of two comps connected by ethernet cards?
> thanks in advance. [EMAIL PROTECTED]
--
_ _
_ __ _____ ________ __ __ | |__ ____| |______ ____
| '_ \ / _ \ '/ _ \_ | \ V / | '_ \ / _ \ _|_ \ '/ _ \
| |_) | __/ | __// / | | | |_) | (_) | | __/ | (_) |
| .__/ \___|_|\___|___| |_| |_.__/ \___/|_|\___|_|\___/
|_| e-mail: [EMAIL PROTECTED]
I connect, therefore I am.
I disconnect, therefore I insist,
and I insist, and I insist,...
Infobia Cruz: To disconnect or not to connect, that is the question.
------------------------------
From: [EMAIL PROTECTED] (Frank Hahn)
Subject: Re: diald
Date: 15 May 1999 21:59:47 GMT
Reply-To: [EMAIL PROTECTED]
On Fri, 14 May 1999 13:22:26 -0600, Mark Johnson <markj*no*spam*@gilanet.com>
wrote:
> After bringing up diald, I found it necessary to add a rule to my firewall
>(which had run just fine using pppd without diald) to get it working:
>/sbin/ipfwadm -O -a accept -S 192.168.0.101/32 -D 0.0.0.0/0
>where:
>local 192.168.0.101
>is an option in diald.conf.
>
>However, reading this thread makes me wonder:
>1. Why does Frank Hahn have "inet addr: 192.168.100.10" for both eth0 and
>sl0? Does the kernel route all his local LAN packets to sl0? Why do that?
>
I don't think that it is. Here is the output of the ifconfig command after
my link is up:
$ ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX packets:242767 errors:0 dropped:0 overruns:0 frame:0
TX packets:242767 errors:0 dropped:0 overruns:0 carrier:0 coll:0
eth0 Link encap:Ethernet HWaddr 00:40:05:48:67:EE
inet addr:192.168.100.10 Bcast:192.168.100.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:535880 errors:0 dropped:0 overruns:0 frame:0
TX packets:533174 errors:0 dropped:0 overruns:0 carrier:0 coll:0
Interrupt:10 Base address:0x300
sl0 Link encap:Serial Line IP
inet addr:192.168.100.10 P-t-P:192.168.100.22 Mask:255.255.255.0
UP POINTOPOINT RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:489 errors:0 dropped:0 overruns:0 carrier:0 coll:0
ppp0 Link encap:Point-to-Point Protocol
inet addr:208.164.40.33 P-t-P:208.164.40.3 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:2648 errors:0 dropped:0 overruns:0 frame:0
TX packets:1996 errors:0 dropped:0 overruns:0 carrier:0 coll:0
I have three computers in my network. One is a Sun Sparc 20, one is a
Windows 95 machine, and one is a 486 running Linux. The Linux machine
has the modem and has diald running which connects to the Internet. I
also run IP Masquerading on the Linux machine.
My IP addresses are as follows if this helps:
192.168.100.10 Linux
192.168.100.11 Windows 95
192.168.100.12 Sun
The Sun and the Windows machines use the Linux machine as the gateway.
Frank Hahn
--
Save the Whales -- Harpoon a Honda.
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: unknown data from my p-to-p address
Date: Sat, 15 May 1999 22:25:02 +0200
Hi Kai,
you wrote:
> My firewall denied the following package which came from my p-to-p address
> (I suppose this to be the router at my ISP):
>
> terra kernel: Packet log: ppp-in DENY ippp0 PROTO=1 195.90.8.65:5
> 195.90.8.81:1 L=56 S=0x00 I=64326 F=0x0000 T=255
It's an ICMP redirect, which is normal behaviour in a broadcast network
that multiple routers are connected to. But I see no sense in it on a
PtP link.
> What is this package for (TCPMUX service) and why does the router at my ISP
> send me this package - usually I never get data from that address so I
The ports listed in /etc/services do not apply here since it is an ICMP
package. I have no idea about the number given as destination "port" yet
but the source "port" is taken from the ICMP code. You can look at
/usr/include/linux/icmp.h for the ICMP codes. A complete list of
assigned ICMP codes should be available at http://www.iana.org.
> blocked it on my firewall. Could this be a hackers attack? Looks like IP
> spoofing to me...
Could be possible too. However, in this case (PtP link) it is ok to
filter out these packets.
Malware
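
Added example, not part of the original post: a small decoder for the ipchains log line quoted above. It assumes the ipchains convention that for PROTO=1 the number after the source address is the ICMP type and the number after the destination address is the ICMP code; the names follow linux/icmp.h, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: decode an ipchains "Packet log:" line.
# Assumption: for PROTO=1 the ":N" after each address is not a port;
# the source side carries the ICMP type, the destination side the code.

icmp_type_name() {
    case $1 in
        0) echo echo-reply ;;        3) echo dest-unreachable ;;
        4) echo source-quench ;;     5) echo redirect ;;
        8) echo echo-request ;;      11) echo time-exceeded ;;
        12) echo parameter-problem ;; *) echo "type-$1" ;;
    esac
}

# Codes defined for ICMP type 5 (redirect).
redirect_code_name() {
    case $1 in
        0) echo network ;;         1) echo host ;;
        2) echo tos-and-network ;; 3) echo tos-and-host ;;
        *) echo "code-$1" ;;
    esac
}

# decode_ipchains_log LINE: print a one-line summary; return 1 if unparsed.
decode_ipchains_log() {
    fields=$(printf '%s\n' "$1" | sed -n \
 's/.*Packet log: \([^ ]*\) \([^ ]*\) \([^ ]*\) PROTO=\([0-9]*\) \([0-9.]*\):\([0-9]*\) \([0-9.]*\):\([0-9]*\) .*/\1 \2 \3 \4 \5 \6 \7 \8/p')
    [ -n "$fields" ] || { echo unparsed; return 1; }
    set -- $fields
    hdr="$1 $2 $3"; proto=$4; src=$5; sp=$6; dst=$7; dp=$8
    if [ "$proto" != 1 ]; then
        # Not ICMP: the numbers really are ports.
        echo "$hdr $src:$sp -> $dst:$dp proto=$proto"
        return 0
    fi
    name=$(icmp_type_name "$sp")
    if [ "$sp" = 5 ]; then
        detail="($(redirect_code_name "$dp"))"
    else
        detail="code=$dp"
    fi
    echo "$hdr $src -> $dst icmp $name $detail"
}

# Log line quoted in the post above, rejoined onto one line.
SAMPLE='terra kernel: Packet log: ppp-in DENY ippp0 PROTO=1 195.90.8.65:5 195.90.8.81:1 L=56 S=0x00 I=64326 F=0x0000 T=255'
decode_ipchains_log "$SAMPLE"
```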
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: Masquerading security
Date: Sat, 15 May 1999 22:23:13 +0200
Hi Kai,
you wrote:
> Shouldn't be possible if you bind the masquerading to a special device,
> means:
>
> If you allow the kernel to only forward packets from the local net (say
> 192.168.1.0/24 or similar) when they came in on device eth0. Then spoofing
> the packet to source 192.168.1.* but sending it in thru another device like
> ppp0 will not forward this packet...
The only problem is that this cannot be accomplished as straightforwardly
as you wrote it down with ipchains, since in forwarding rules
packets can only be matched by the destination interface but not the
interface the packet came in on. The simplest solution to avoid
spoofing of the source address would be (assuming a 2.2 kernel):
echo 1 >/proc/sys/net/ipv4/conf/all/rp_filter
echo 0 >/proc/sys/net/ipv4/conf/all/accept_source_route
Masquerading can then be enabled through the world-bound interface as
follows:
ipchains -A forward -j MASQ -s 192.168.1.0/24 -i ppp0
Malware
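
Added check for the two /proc settings in the post above (not code from the post): it walks a conf tree and reports, per interface, whether reverse-path filtering is on and source-routed packets are refused. It assumes the combination rules documented for current kernels (rp_filter: the larger of "all" and the per-interface value; accept_source_route: accepted only when both are 1), which may not hold on a 2.2 kernel; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the anti-spoofing sysctls set in the post above.

# read_flag FILE: print the value stored in FILE, or "?" if unreadable.
read_flag() {
    [ -r "$1" ] || { printf '?'; return 0; }
    tr -d ' \t\n' < "$1"
}

is_on() { case $1 in 1|2) return 0 ;; *) return 1 ;; esac; }

# audit_antispoof [CONF_ROOT]
# One line per interface; returns 1 if any interface is left open.
# Assumed rules: rp_filter is active if "all" OR the interface enables it;
# source routing is refused if "all" OR the interface is set to 0.
audit_antispoof() {
    root=${1:-/proc/sys/net/ipv4/conf}
    all_rp=$(read_flag "$root/all/rp_filter")
    all_sr=$(read_flag "$root/all/accept_source_route")
    bad=0
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        ifname=$(basename "$dir")
        case $ifname in all|default) continue ;; esac
        rp_ok=no; sr_ok=no
        if is_on "$all_rp" || is_on "$(read_flag "$dir/rp_filter")"; then
            rp_ok=yes
        fi
        if [ "$all_sr" = 0 ] ||
           [ "$(read_flag "$dir/accept_source_route")" = 0 ]; then
            sr_ok=yes
        fi
        [ "$rp_ok$sr_ok" = yesyes ] || bad=1
        printf '%s rp_filter_ok=%s source_route_blocked=%s\n' \
            "$ifname" "$rp_ok" "$sr_ok"
    done
    return "$bad"
}

# Constructed sample tree (not from the post): ppp0 protected, eth0 open.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/all" "$t/ppp0" "$t/eth0"
    echo 0 > "$t/all/rp_filter";  echo 1 > "$t/all/accept_source_route"
    echo 1 > "$t/ppp0/rp_filter"; echo 0 > "$t/ppp0/accept_source_route"
    echo 0 > "$t/eth0/rp_filter"; echo 1 > "$t/eth0/accept_source_route"
    audit_antispoof "$t" && rc=0 || rc=$?
    rm -rf "$t"
    return "$rc"
}

demo || echo "at least one interface is not protected"
```

Called without an argument, audit_antispoof reads /proc/sys/net/ipv4/conf on the running system.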
------------------------------
From: Malware <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: kernel 2.2.7 ipchains
Date: Sat, 15 May 1999 22:32:53 +0200
Hi Mark,
you wrote:
> Please help! I made some simple rules on ipchains. But when I try to list
> them out by ipchains -L, it suspended for a minute to show.
Add the switch "-n", else it will try to resolve each IP it comes across
into a name.
> #ipchains -P forward DENY
> #ipchains -A -p tcp -s 192.168.1.0/24 -d 202.77.0.240/28 -j ACCEPT -b
^ forgot to type "forward" here
[...]
> And also, I can't ping, traceroute or httpd to that host.
Even if your packets go out they will never find the way back.
Additionally you have denied forwarding of ICMP completely, which will
cause no error notification to be able to pass. In the same manner,
blocking UDP as a whole will take away the possibility to resolve any
non-local hostname.
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: Can't TELNET to Linux
Date: Sat, 15 May 1999 21:52:02 +0200
Hi K,
you wrote:
> And then it hangs. I have one other user account created at this
> time, other than root.
If you wait 4-5 minutes it will probably show a login prompt. To speed
this up add the host you are accessing this from to /etc/hosts on the
Linux box.
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: IPX forwarding
Date: Sat, 15 May 1999 22:33:53 +0200
Hi Paul,
you wrote:
> running IP forwarding (through ipchains). Is there any way I can run
> IPX forwarding as well?
Configure IPX interfaces on both network cards and run ipxd (package
ipxrip).
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: Strange network packets
Date: Sat, 15 May 1999 22:33:37 +0200
Hi Wilco,
you wrote:
> An network trace (tcpdump -i ippp0) show the following results:
>
> 23:57:45.006344 0.57.25.77 > 0.0.64.17: (frag 0:0@63512+) [ttl 0]
> 23:57:45.010911 truncated-ip - 16322 bytes missing!0.69.25.81 > 0.0.64.17:
> (frag 25346:16401@63512+) [ttl 0]
This is a problem of libpcap used by tcpdump. By running tcpdump without
the "-n" switch you even worsen the problem, because it does try to
resolve those bogus IP numbers into names.
Malware
------------------------------
From: [EMAIL PROTECTED] (Frank Hahn)
Subject: Re: Diald dials but no PPP?
Date: 15 May 1999 21:59:49 GMT
Reply-To: [EMAIL PROTECTED]
On 15 May 1999 00:13:12 GMT, MikeVW <[EMAIL PROTECTED]> wrote:
>OK this is really pissing me off. All I want to do is let my little
>seti@home proggie run and be able to connect to the net to upload and
>download its data even when I'm not around. Diald is what I need.
>
My /etc/diald.conf looks like this:
device /dev/cua2
connect "/etc/diald/dialup"
speed 115200
modem
lock
crtscts
defaultroute
#mtu 576
#mru 576
redial-timeout 20
connect-timeout 45
mode ppp
dynamic
local 192.168.100.10
#local 192.168.100.21
remote 192.168.100.22
accounting-log /var/adm/diald.log
ip-up /etc/diald/timeup
ip-down /etc/diald/timedown
include /usr/local/lib/diald/standard.filter
fifo /etc/diald/diald.ctl
I just used the connect script that came with diald and changed the
appropriate things. I also have a three computer network setup but
that should not make any difference.
Frank Hahn
--
Warp 7 -- It's a law we can live with.
------------------------------
From: "David E. Smith" <[EMAIL PROTECTED]>
Subject: Re: Can't TELNET to Linux
Date: 15 May 1999 19:27:02 GMT
In comp.os.linux.networking K Berrien wrote:
> I'm having trouble telnetting to my Linux box. When I connect to
> Linux I only get so far....
> Red Hat Linux release 5.2 (Apollo)
> Kernel 2.0.36 on an i486
If it hangs, period, that's just odd (and out of my depth).
If it hangs, then eventually allows the connect after a couple minutes,
it's a DNS problem.
If you're doing `telnet localhost' or something similar, make sure
/etc/hosts is properly configured. If you're accessing it from the outside
world, make sure named is running properly, and/or that /etc/resolv.conf
is configured properly.
...dave
------------------------------
From: Edouard Oyer <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: printing problem
Date: Sat, 15 May 1999 14:37:51 -0700
Reply-To: [EMAIL PROTECTED]
Hi Guys,
I really need your help on that one. I am in despair of doing anything.
I already went through the printing HOWTO and things are not the way
they should be.
I am trying to print on a printer that is on a network. The way I am
accessing it is through an IP number.
I am able to print when I am logged in as root. I can't otherwise. The
message I get is
"lpr: connect: permission denied.
Jobs queued, but cannot start daemon."
The printing HOWTO says it is generally due to a bad network
configuration. In that case how can I be able to print when being root?
I am losing my last hair.
Thanks for your help,
Edouard
------------------------------
From: [EMAIL PROTECTED]
Subject: ppp linux 2.2 problem
Date: Sat, 15 May 1999 23:31:29 GMT
Hi,
I have been running ppp fine with linux kernel 2.0.36. I tried moving it
to 2.2.9 and upgrading pppd as well to 2.3.8
and I am suddenly not able to connect anymore.
I am running the following command:
/usr/sbin/pppd debug noipdefault passive /dev/ttyS3 38400 defaultroute
connect '/etc/ppp/connect.sh'
and get the following debugging output:
May 15 16:14:41 orangehat pppd[2232]: Connect: ppp0 <--> /dev/ttyS3
May 15 16:14:42 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:42 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:42 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:45 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:46 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:46 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:48 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:50 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:50 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:51 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:54 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:54 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:54 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:57 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:14:58 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:14:58 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:00 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:15:02 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:02 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:03 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:15:06 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:15:06 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:06 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:09 orangehat pppd[2232]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0xe99c07cc> <pcomp> <accomp>]
May 15 16:15:10 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:10 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:12 orangehat pppd[2232]: LCP: timeout sending
Config-Requests
May 15 16:15:14 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:14 orangehat pppd[2232]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <magic 0xe2f1c607> <pcomp> <accomp>]
May 15 16:15:14 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:17 orangehat pppd[2232]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <magic 0xe2f1c607> <pcomp> <accomp>]
May 15 16:15:18 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:18 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:20 orangehat pppd[2232]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <magic 0xe2f1c607> <pcomp> <accomp>]
May 15 16:15:22 orangehat pppd[2232]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <pcomp> <accomp> < 11 04 05 f4> <
13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:22 orangehat pppd[2232]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e a6 74>]
May 15 16:15:23 orangehat pppd[2232]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <magic 0xe2f1c607> <pcomp> <accomp>]
May 15 16:15:26 orangehat pppd[2232]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <magic 0xe2f1c607> <pcomp> <accomp>]
May 15 16:15:26 orangehat pppd[2232]: Hangup (SIGHUP)
May 15 16:15:26 orangehat pppd[2232]: Modem hangup
May 15 16:15:26 orangehat pppd[2232]: Connection terminated.
May 15 16:15:27 orangehat pppd[2232]: Exit.
Can anyone help?
Thanks,
Tim
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.security,comp.os.linux.setup,comp.os.linux.misc
Subject: SECURITY ISSUES: Single user restriction at lilo boot:
Date: Sat, 15 May 1999 16:38:12 -0700
Hi ,
I know that booting from floppy as single user and mounting the root
disk can be used to rescue a system with a forgotten root password. I'm
also aware that this is a part of any unix system.
It so happens that Lilo from the hard disk accepts the "linux single"
boot option, allowing anyone to gain root access.
This poses a problem because we plan to deploy some PCs with linux in
our computer labs and have /home nfs mounted. Given the lack of security
that nfs presents, this poses great problems because a user who has
gained root access can su to any user in the domain. Since most of our
UNIX systems are set up this way, the /home directory has to be nfs
mounted.
Coming to the point, how do you block the "linux single" param at boot
up? What other workarounds can you suggest? Since these are PCs and
have reset buttons and power cords, any user can reboot the machine.
This issue is what prevents us from deploying linux, and new students and
prospective members of the linux community are at risk.
All help would be greatly appreciated.
Thanx
Arun.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************